Package eu.scape_project.planning.services

Source Code of eu.scape_project.planning.services.RestSecurityInterceptor

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
package eu.scape_project.planning.services;

import java.util.List;

import javax.ws.rs.WebApplicationException;
import javax.ws.rs.ext.Provider;

import org.apache.commons.codec.binary.Base64;
import org.apache.commons.configuration.Configuration;
import org.apache.commons.lang.StringUtils;
import org.jboss.resteasy.annotations.interception.ServerInterceptor;
import org.jboss.resteasy.core.ResourceMethod;
import org.jboss.resteasy.core.ServerResponse;
import org.jboss.resteasy.spi.Failure;
import org.jboss.resteasy.spi.HttpRequest;
import org.jboss.resteasy.spi.UnauthorizedException;
import org.jboss.resteasy.spi.interception.PreProcessInterceptor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import eu.scape_project.planning.utils.ConfigurationLoader;

@Provider
@ServerInterceptor
public class RestSecurityInterceptor implements PreProcessInterceptor {

    private static final Logger LOGGER = LoggerFactory.getLogger(RestSecurityInterceptor.class);
    @Override
    public ServerResponse preProcess(HttpRequest request, ResourceMethod resourceMethod) throws Failure, WebApplicationException {
        // Then get the HTTP-Authorization header and base64 decode it
        List<String> authHeader = request.getHttpHeaders().getRequestHeader("Authorization");
        if (authHeader != null) {
           
           
            for (String auth : authHeader) {
                if (auth.startsWith("Basic ")) {
                    byte encoded[] = Base64.decodeBase64(auth.substring(6));
                    String encodedStr = new String(encoded);
                    String userPwd[] = encodedStr.split(":");
                    if ((userPwd != null) &&
                        (userPwd.length == 2) &&
                        StringUtils.isNotEmpty(userPwd[0]) &&
                        StringUtils.isNotEmpty(userPwd[1])) {
                        ConfigurationLoader configurationLoader = new ConfigurationLoader();
                        Configuration config = configurationLoader.load();
                        String path = request.getPreprocessedPath().replaceAll("/", ".").substring(1);
                       
                        String user = config.getString(path + ".rest.user", "");
                        String passwd = config.getString(path + ".rest.pass", "");
                       
                        if (user.equals(userPwd[0]) && passwd.equals(userPwd[1])) {
                            return null;
                        }
                    }
                }
            }
        }
        throw new UnauthorizedException("Username/Password does not match");       
    }

}
TOP

Related Classes of eu.scape_project.planning.services.RestSecurityInterceptor

  • eu.scape_project.planning.utils.ConfigurationLoader
  • org.apache.commons.configuration.Configuration
  • org.jboss.resteasy.spi.UnauthorizedException
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.